Cyber Security Risk Analyst
- Washington, DC, USA, Washington, DC
Encompass (IT) Security Services is a full services technology service provider located in Camp Springs, MD. Our services range from enterprise planning and implementation to Cyber Security. Our clients include federal, state and local governments, non-profits and other corporate entities. Encompass IT also offers technology products at our retail locations.
Serves as a lead cyber and information security consultant to the project team by conducting security risk assessments and providing guidance on securing information systems, applications, and networks.
Provides technical guidance and expertise in the areas of secure application development, security risk management and assessment, security policies and standards, security architectures and implementations, and effective security risk assessment practices.
Performs application and technology design reviews, security risk assessments, requirements analysis, security testing oversight, risk remediation planning, and security project management.
Develops, reviews, and implements security risk management policies, standards, and practices.
Defines security and policy compliance requirements in supporting the acquisition and deployment of security software, systems, and services.
Provides guidance on the development and integration of a security development lifecycle (SDL) to include secure development, testing, and configuration of application and web architectures.
Review and assess other vendor’s information security solutions and deliverables, including technologies and architectures, security controls and procedures, and review contract documentation.
Experience with design and development of secure enterprise communications systems.
Experience with the analysis, systems design, implementation and testing of secure enterprise information systems.
Experience in Network engineering with emphasis in design, implementation, operations and maintenance of a variety of Windows services, application and database servers, relevant network security appliances and Endpoint security products.
• Expert knowledge of firewalls, Intrusion Prevention Systems (IPS), and Virtual Private Network (VPN) technologies;
• Expert knowledge of encryption, anti-virus, and patch management technologies;
• Specific knowledge of the Juniper Firewall NPN and related technologies;
• Specific knowledge of the Juniper Secure Socket Layer (SSL) VPN and related technologies;
• Specific knowledge of the McAfee network and host-based IPS;
• Specific knowledge of the McAfee Anti-Virus and Remediation Manager;
• Expert knowledge of various IP protocols and their behavior;
• Expert knowledge of the OSI model and Transmission Control Protocol /Internet Protocol (TCP/IP) stacks;
• Expert knowledge of network routing and switching methodologies;
• Functional working knowledge of internet content filtering;
• Functional working knowledge of wireless communications;
• Functional knowledge of analysis and system scanning tools.
All your information will be kept confidential according to EEO guidelines.